General

  • Target

    c3d53f04557a9e8a701df46810b34d40_NeikiAnalytics.exe

  • Size

    7.3MB

  • Sample

    240524-3ykedafe6x

  • MD5

    c3d53f04557a9e8a701df46810b34d40

  • SHA1

    5ea6ab95a69d3c2daf24a7f65cae95c5da366268

  • SHA256

    89c2955518f18e5b96d7d72b66e1f87f82727b17c1b90834d86c53490300bf97

  • SHA512

    f58db0166641ea69d02f5173cf85c6fcf2e76722c2a29acccdc7216416b79930d0bee268a08c2d7fe242d7a229fad858c04dfd9f5687208c9792ad081fcff795

  • SSDEEP

    98304:stzqBZMMEM0MUMRMxMwMkfqbjxbSzGVr4W11/KsZfGpWqOJwN/:mqBZtlV1qKpkfqbjeGVr4wZfNnJw1

Score
9/10

Targets

    • Target

      c3d53f04557a9e8a701df46810b34d40_NeikiAnalytics.exe

    • Renames multiple (3814) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
